Use this section to tell people about which versions of your project are currently being supported with security updates.

If you discover a security vulnerability within Simple Invoice, please send an email to the repository owner. All security vulnerabilities will be promptly addressed.

Please do not disclose security vulnerabilities publicly until they have been addressed by the maintainers.

The following information will help us triage your report more quickly:

• Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
• Full paths of source file(s) related to the manifestation of the issue
• The location of the affected source code (tag/branch/commit or direct URL)
• Any special configuration required to reproduce the issue
• Step-by-step instructions to reproduce the issue
• Proof-of-concept or exploit code (if possible)
• Impact of the issue, including how an attacker might exploit the issue

We appreciate your efforts to responsibly disclose your findings, and will make every effort to acknowledge your contributions.